Jump to content

premiso

Members
  • Posts

    6,951
  • Joined

  • Last visited

  • Days Won

    2

Everything posted by premiso

  1. Funny, that is where this idea came from. I have been working at it just cause I hate regex and need to get better at it.
  2. Honestly, right now I cannot think of a way to do it better/cleaner, I am sure someone might. Although I do see something I would do. Instead of escaping the data here like so: if(isset($_POST['email'])) { $values['email']=mysql_real_escape_string($_POST['email']);} I would do this: <?php // removed for wrong version $field_values=join(", ",$values); foreach ($values as $key => $val) { $keys[] = "`" . $key . "`"; $vals[] = "'" . mysql_real_escape_string($val) . "'"; } $field_values = implode(", ", $val); $field_cols = implode(", ", $col); $sql = "INSERT INTO table_name (" . $field_cols . ") VALUES ( " . $field_values . " )"; ?>
  3. You always want to escape data coming in from POST or GET data to make sure SQL Injection won't be an issue (even if it is not suppose to be text in a db). Also escaping the data coming out of the database is only necessary for varchar or text, as this data could contain a ' which will break the SQL. Hope that helps. Edit: I seemed to have missed a key, only escape data coming out of the DB, if you are going to be putting it back in. Do not escape it if you plan to display it on a page =) Thanks to wildteen for pointing that out.
  4. dir or readdir Check out the above functions.
  5. Not the cleanest but this would work given that the array key is also the column name: <?php // removed for wrong version $field_values=join(", ",$values); foreach ($values as $key => $val) { $keys[] = "`" . $key . "`"; $vals[] = "'" . $val . "'"; } $field_values = implode(", ", $val); $field_cols = implode(", ", $col); $sql = "INSERT INTO table_name (" . $field_cols . ") VALUES ( " . $field_values . " )"; ?> Like I said not the cleanest but should do the job.
  6. lol that is a pain in the butt to look at. Please remove the extra spaces and paste a cleaned up version. That is just horrendus for me to even want to try and help honestly.
  7. Makes sense. I was thinking more of not a contest, just a learning curve thing. Say, here is the daily code, if you want code it and post it in this forum for critique and that would give the learners something to do that they could get critiqued on and urge them to try new stuff and know they have support. I would say that the admins would not have to critique every code, leave that up to users who would like to. And definately not make it so complex that it takes a month to do, but if it can be done in a couple days by non-advance that would be kinda fun. So I guess I am not looking for a contest between users more of a help session, such as for example : This week's code project is create a Quadratic Equation solver that will solve any possible quadratic equation given and display all the steps to the user. Must include a form to pass data in and display the results in a viewable fashion. I am not sure that anyone would do it, I know I would if I had a few hours of bordem (I actually just did that cause I was bored yesterday). I dunno, I like to see how other people take to solve problems and you can find new ways to make your code more reliable and efficient. Anyhow just an idea I thought would be cool =)
  8. http://www.4wordsystems.com/php_image_resize.php May help you on your way. =) Google is a developers best tool IMO.
  9. Do you have any starting code? What you are asking for is confusing, but sounds like you want to parse the page and write what you want to a text file. If so then file_get_contents and fopen will be a major help for you to read and understand. Good luck!
  10. I would check online http://www.phpclasses.org/browse/package/1931.html I found that class that someone created, you should be able to get that to suit your needs. I know it only does it by table, but a loop of arrays of all your tables can solve that problem. There seems to be a bunch of other scripts online, most do not prompt to download, but that can be done by reading up on it. Hope that at least gets you started to find/resolve your problem.
  11. We need to see more code around the for($i=0;$i<$numrows;$i++){ $sql="UPDATE news SET archived='1' WHERE id = $archived[$i]"; } Just from that, I do not see where you are calling mysql_query to update $sql in the database...
  12. Check this out http://dev.mysql.com/doc/refman/5.0/en/date-and-time-functions.html if ($rememberMe=="on"){ setcookie("nwo",$tempID, time()+3600*24*30); mysql_query("INSERT INTO cookie (tempID, userID, expirationDate) VALUES ('$tempID', '$userID', DATE_ADD(NOW(),INTERVAL 30 DAY))"); }else{ setcookie("nwo",$tempID, 0); mysql_query("INSERT INTO cookie (tempID, userID, expirationDate) VALUES ('$tempID', '$userID', DATE_ADD(NOW(),INTERVAL 20 MINUTES))"); } I believe you are missing the DATE_ADD function in your query.
  13. Easy way to check, create a phpinfo.php with the following: <?php phpinfo(); ?> Open the page and look under "Apache" -> "loaded modules" If mod_rewrite is enabled it will be listed under that.
  14. Well good enough reason not to do it =) I guess I missed the competitions, oh well. Thanks for replying.
  15. I think this sounds like a fun idea to do, create a new forum for the "Daily (or weekly) PHP Coding" where each day/week a deal is posted for users to code and post how they coded it. Could serve multiple purposes for learning and be fun for some of the more advanced members interested. I do not know if it will go without a hitch, but I would probably do the weekly one at least for the heck of it, it may even help improve the advanced members skills. Anyhow just a suggestion =)
  16. Your mysql_free_result($RsRegions) way too earlier, put it after the do while loop and this should work fine.
  17. Anytime you have a script enter in that much data it will be slow. I do not think there is a way around it cause essentially you will be querying the DB 10000 plus times which is just slow. An alternative may be to get all the emails from the csv and put them into a query as such: $sql = "SELECT email FROM table_contacts WHERE email IN('email2@amil.com', 'email@aml.com');" So now you will have all the bad emails then either loop through each email and test it, or something like this: <?php $sql = mysql_query("SELECT email FROM table_contacts WHERE email IN('email2@amil.com', 'email@aml.com');"); while ($row = mysql_fetch_assoc($sql)) { $bad_emails[] = $row['email']; } // then loop through your csv emails foreach ($csv_email as $email) { if (!in_array($email, $bad_emails)) { mysql_query("INSERT INTO tablename (`email`) VALUES ('" . $email . "')"); } } ?> Of course the csv_email can be an array of the data for populating and you would just reference the email as if (!in_array($email[2], $bad_emails)) { 2 is assuming that the email is at index 3 of that array. Either way this should cut your queries in about half. Hope that will get you goin and the ideas flowin.
  18. Oh and here it is with just MySQL: http://dev.mysql.com/doc/refman/5.0/en/insert-select.html INSERT INTO tbl_temp2 (fld_id) SELECT tbl_temp1.fld_order_id FROM tbl_temp1 WHERE tbl_temp1.fld_order_id > 100; Your Code: <?php // time plus 60 min $timeP60 = time()+(60*60); $sql = "INSERT INTO tablename (`col1`, `col2`) SELECT col1, col2 FROM active_users WHERE last_activity < " . $timeP60; mysql_query($sql); ?> I am not 100% on that one, my syntax could be wrong, but yea. Just an alternative method, I also do not know if this works on MySQL 4.
  19. I honestly do not think you can, the best you can do is assume that you have to replace certain characters already. I hate MS Word for this exact reason, you have to check for those smart quotes, the - and a bunch of other non-sense and replace them. The easiest way I found was to create 2 arrays, one with the bad vals and one with the good vals and use that replace the bad vals with the good vals. The worst part was this happened to me after I had my site running for about 6 months, so changing charsets was not probable. Wish I would have known to use a different charset back then. Oh well. Hope that helps.
  20. That explanation is kind of vague...What are we logging? What fields will the user be able to input date into, what type of data is it? Does this have to be done by a certain user, and does it matter if it is done by a particular user? Is this a simple error log, if so does the GUI just need to be able to pull out data, display it in a table and allow the user to manipulate it? (If so there are alot of scripts on the web to do this, I actually Barrand on this form has some in his Signature). Please elaborate.
  21. Oracle it is pretty easy, I think mysql 5 also supports queries that do that, I am not sure about mysql 4. Anyhow the easy without getting into advanced sql is: <?php // time plus 60 min $timeP60 = time()+(60*60); $sql = "SELECT * FROM active_users WHERE last_activity < " . $timeP60; $result = mysql_query($sql); while ($row = mysql_fetch_assoc($result)) { foreach ($row as $key => $val) { $keys[] = "`" . $key . "`"; $vals[] = "'" . $val . "'"; } $new_sql = "INSERT INTO tablename (" . implode(", " , $keys) . ") VALUES (" . implode(", ", $vals) . ")"; mysql_query($new_sql); $keys = ""; $vals = ""; } ?> I am not 100% sure on the implode part, but pretty sure. Hope that helps. I may get bored and post the SQL that can do this also.
  22. Its an upload script. In PHP when a file is uploaded it is sent to a temp directory, hence the move_uploaded_file. In the move uploaded file you are able to set the file name to be what you want and move the file to where you want. The tmp_name is the name that the file was uploaded as, you can choose to keep using that or not. If the file moved successfully, report it, else die. This will do as many files as were uploaded on the previous page with the foreach loop. Hope that helps.
  23. When you input a row into the table, are you distinctly setting the value to NULL, or '' because there is a difference. This may help SELECT * FROM `region_list` WHERE (`RegionName` IS NOT NULL AND `RegionName` <> '') That should check for both.
  24. Yea a little different than I would have done. For example, I would have kept the admins in the same table as users, just have a level or maybe isadmin field in the database. This prevents multiple queries and saves some hassels for a few key users who are deemed as admins. For the user table SQL, I would use this: CREATE TABLE `database_name`.`users` ( `user_id` SMALLINT NOT NULL AUTO_INCREMENT , `username` VARCHAR( 12 ) NOT NULL , `password` VARCHAR( 32 ) NOT NULL , `timestamp` VARCHAR( 26 ) NOT NULL , `admin` TINYINT NOT NULL DEFAULT '0', PRIMARY KEY ( `user_id` ) , UNIQUE ( `username` ) ) ENGINE = InnoDB; Since the tables are identical, no need to have 2 separate. Then you can easily set, isAdmin or something similar to signify they are an admin or not. As for the code I have yet to look closely at it, but from an overview it seems pretty good, as with all code it can use some cleanup, but it looks good to me. Anyhow nice job, if you need anymore help/advice don't hesitate to ask.
  25. You are assining result inside the while loop, thus changing everything. CHANGE THIS $query1="INSERT INTO B " . "(Name,InstallationDate, NumberOfMonths) VALUES ('$Name, $InstallationDate, $NumOfMonths')"; $result=mysql_query($query1); TO $query1="INSERT INTO B " . "(Name,InstallationDate, NumberOfMonths) VALUES ('$Name, $InstallationDate, $NumOfMonths')"; $result1=mysql_query($query1); That should not mess up the while loop by pulling a different set of results.
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.